Reputation: 3235
https requests using a proxy
Let's say you want to perform an https request to a certain website but you have a proxy on the middle.
The aforesaid proxy doesn't look into the request but just relay all the traffic to the actual HTTPS server after the user-agent has used the HTTP CONNECT method (as in http://www.web-cache.com/Writings/Internet-Drafts/draft-luotonen-web-proxy-tunneling-01.txt).
Now my question is the following: after the proxy opens a SSL connection to the destination webserver, should it also upgrade the socket which handles the connection with the client to SSL as well? And if so, how would it forward packets to the server without sniffing the actual content?
What I mean here is that if the proxy actually reads data from SSL client socket and forwards them to SSL server socket, the data will be not encrypted to it.
Upvotes: 0
Views: 686
Answers (1)
Reputation: 310840
The proxy has a plaintext connection open to the client, via which it received the CONNECT command. It opens a plaintext connection to the server. Thereafter it just copies bytes in both directions. The bytes coming from both client and server are SSL, so this works without the proxy knowing what's inside the ciphertext.
Upvotes: 3
Related Questions
- CONNECT request to a forward HTTP proxy over an SSL connection?
- HTTPS connections over proxy servers
- Proxy HTTP requests to an HTTPS server in nginx
- SSL Certificate for proxy pass?
- SSL Intercepting Proxys
- Is it safe to proxy a request from https to http?
- Respond to HTTP CONNECT in proxy
- HTTPS tunneling through my proxy
- HTTPS requests over open proxy servers
- SSL with proxy (https)